On Aug 27, 2010, at 3:13 PM, Richard A Steenbergen wrote:
On Fri, Aug 27, 2010 at 01:29:15PM -0400, Jared Mauch wrote:
Unknown BGP attribute 99 (flags: 240) Unknown BGP attribute 99 (flags: 240) Unknown BGP attribute 99 (flags: 240) Unknown BGP attribute 99 (flags: 240) Unknown BGP attribute 99 (flags: 240)
Just out of curiosity, at what point will we as operators rise up against the ivory tower protocol designers at the IETF and demand that they add a mechanism to not bring down the entire BGP session because of a single malformed attribute? Did I miss the memo about the meeting? I'll bring the punch and pie.
I think it's actually an implementation problem where it got out-of-sync. You can't exactly blame the IETF for a vendor having poor code quality. (at least not in this case IMHO). I seem to recall there was something like this in the past that caused some significant problems with people also running XR/CRS-1. They quickly got a fix and cisco issued a PSIRT as a result: http://www.cisco.com/en/US/products/products_security_advisory09186a0080af15... I would hope these people updated their software for that impact as well. Without knowing what the defect impact was on those devices, and without talking to PSIRT today, I don't know if an advisory is pending. Perhaps it's a new defect and the bug is going to be triggered again soon for those that don't patch their devices. - jared